ietf-mxcomp
[Top] [All Lists]

RE: Forging (was Re: Differences between CSV and Sender-ID )

2004-07-07 08:12:07

--Gordon Fecyk <gordonf(_at_)pan-am(_dot_)ca> wrote:


As I say, the Internet community is going to be a bit disappointed
that we spent this much time and effort and did nothing to reduce
spam.

I've said in counter to this that the Internet Community consists of a
bunch of lazy [censored] for not acting to do something about their own
spam, and a bunch of clueless [deleted] for actually responding to spam.

None of us here have the solution to a clueless and lazy community.

What we can do here is deliver incentive to complain, by demonstrating
that who claims to have sent the spam actually sent it (accountability).
IF the community decides to act on valid information, they will, and that
will be the beginning of the end of spam.  IF not, if the commmunity
chooses to be the lazy [deleted] that they are today, then it won't.

If MARID gets used by an elite few, that's OK by me.  I will probably
host a second domain that will require senders have MARID records or
their mail will be refused.  Eventually the elite minority will grow.


Agreed. MARID-brand LMAP probably won't noticeably reduce spam, or even forgery, at first, but if it creates a dis-incentive to forging MY domain name, I will definitely use it. At first the easiest thing for spammers to do will be to forge other domains that don't have LMAP info. Eventually, mail from domains with no LMAP info will start to get downgraded, but that will take a long time.

The view that "this won't reduce spam so we shouldn't do it" is a pretty short-sighted one. Sure, everyone here would like to reduce spam, but we can serve other goals too. I think we went over this in detail during the "which identity to check" phase, so I won't rehash everything discussed before, but it seemed clear that both 2821 and 2822 identities should be protected, for different but equally valid reasons.


--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>